CORStest: A simple CORS misconfiguration scanner